What is SSL and how does it affect my SilkStart website?

SilkStart provides an SSL certificate to all of our customers for free through Let's Encrypt to ensure that member data, payment details, and other sensitive information can be securely submitted through your website.

In this article:

What is an SSL certificate?

SSL is an acronym for Secure Sockets Layer, an encryption technology that was created by Netscape. SSL creates an encrypted connection between your web server and your visitors' web browser allowing for private information to be transmitted without the risk of eavesdropping, data tampering, or message forgery.

SSL certificates are used on websites to secure actions that would otherwise carry a risk for sensitive data to be stolen, such as payment processing, or creating a new member account and password.

You can tell if a website is secured by an SSL certificate if the URL in your address bar begins with HTTPS - the "S" denotes a secure connection. Otherwise, the URL will just begin with HTTP (not secure). Many browsers now show the URL in green or show a green lock icon to confirm you are connecting securely. Below is a screenshot of an SSL-secured website in Google Chrome.

Why is this important?

The primary purpose of an SSL Certificate is to initiate a secure connection between a website's server and the visitor's internet browser. Once a secure connection is established, all information passed online between the website and the visitor will be kept private, ensuring it reaches the correct destination server without being intercepted. This is comparable to an envelope being sent through the mail, as the envelope protects the information inside until it reaches its recipient.

In addition, Google Chrome has gradually made changes to what information website visitors see when viewing a website without an SSL certificate, and has begun ranking sites higher in their search results if they have an SSL certificate.

Is my SilkStart Site Secure?

Yes! - SilkStart provides an SSL certificate to all of our customers for free through Let's Encrypt.

This provides the safest online experience for you and your members, while ensuring your website can rank well in search results.

Every SilkStart customer already enjoyed a strong level of site security for free with SilkStart’s built-in SSL certificate, achieved by occasionally redirecting users to the secure SilkStart domain (https://yoursite.silkstart.com). This new update ensures that all pages, whether on your SilkStart domain or custom domain, are accessed securely.

What is "Let's Encrypt"?

Let's Encrypt is a free, automated, and open Certificate Authority. It is an open-source project provided by the Internet Security Research Group.

Let's Encrypt allows SilkStart to generate an SSL certificate for each individual customer website, and to automate the process for replacing it when it expires. This means that there are no complicated steps involved in replacing an expired certificate.

How does this affect me?

If you have already purchased your own custom SSL Certificate:

If your site already has an SSL certificate that was purchased and installed for you by SilkStart's developers, your certificate will not be interrupted by this update. When your certificate is nearing its expiry date, simply notify us at least two weeks aheadof time so that we can prepare for a smooth transition to a Let's Encrypt certificate for your site.

If you're not sure when your current certificate will expire, you can find out using a tool like this one. Put your SilkStart site's custom domain in the search box, and look for the date under "SSL Certificate expiration".

If you have not purchased your own custom SSL certificate:

As a result of our update, our developers have installed an SSL certificate for you on your site. You can check this by going to your website, and changing http to https in the URL. All of the pages on your site will now use the https version of the URL by default. No change is needed for you to update anything on your website. Any links that already exist will automatically be updated to use the secure connection. SSL certificates have expiry dates, and your free Let's Encrypt SSL certificate will automatically be renewed, so you don't have to worry!

If your site is not launched yet:

During account setup, your connection is secured by SilkStart's own SSL certificate. You can access your site via https://yoursite.silkstart.com, and this uses a secure connection.

Once your setup is complete and your custom domain is pointing at your SilkStart site, we will also set up an SSL certificate for your site's custom address using Let's Encrypt. This change has to happen after your custom domain has been set up, so we recommend that you give us a heads up in advance - that way we can do the prep work early. During the window when your custom domain is set up but your SSL certificate is not yet, your site will revert to your .silkstart.com address for secure functions like logging in and making payments. With advance notice, the turnaround time for getting your SSL certificate up is typically 1-2 business days. SSL certificates have expiry dates, and your free Let's Encrypt SSL certificate will automatically be renewed when the expiry date is approaching.